Our small engineering team works on challenging problems every day. We have a culture that’s rooted in constantly learning and improving, and our engineers are encouraged to think big and experiment with new ideas. Using continuous deployment, we quickly see our changes in the product and make fast iterations. Our engineers focus on creating polished products and writing high quality code by designing APIs and abstractions that are extensible and maintainable. Everyone on the engineering team has a huge impact on our product and our company.
The Security Software Engineer is a key member of the Infrastructure team to own and improve the security of cloud Infrastructure and Quora services. This person will define and assess the organization’s security strategy and policy, identify security areas for improvement and drive for results.
Responsibilities
- Design, develop, and deploy applications to monitor cloud Infrastructure security and detect intrusions
- Deploy open-source tools or develop in-house solutions for OS hardening, access logging & analysis
- Build features or tools to ensure strong security in Quora product
- Provide security guidance to engineering teams and work with the product engineer on securing customer data in compliance with regulations such as GDPR and CCPA
- Drive the definition and implementation of security policies and monitor in conformance to the policies
- Conduct initial incident triage; determine scope, urgency, and potential impact of security incidents; lead and coordinate the incident response process
Minimum Requirements
- Ability to be available for meetings and impromptu communication during Quora’s “coordination hours” (Mon-Fri: 9am-3pm Pacific Time)
- Bachelor’s or Master’s degree in Computer Science or Information Security
- 4+ years of experience in Infrastructure and Information Security
- 4+ years working on AWS running multiple production workloads
- Knowledge of AWS security best practices and security controls using AWS services such as IAM, Cloudtrail, CloudWatch, etc.
- Attention to details and good communication and collaboration skills, be self-motivated and have a strong sense of ownership of tasks
Preferred Requirements
- Experience with applications for access logging, centralized logging, and monitoring/alerting of security log events such as ELK, Splunk, SumoLogic
- Experience with system administration, 2FA, SSO, and OS hardening techniques for Linux environments
- Experience in bash and Python, container technology such as docker and Kubernetes
- Working knowledge of incident response, threat modeling, and mitigation
- Strong understanding of common internet protocols such as HTTP, DNS, SMTP, etc
At Quora, we value diversity and inclusivity and welcome individuals from all backgrounds, including marginalized or underrepresented groups in tech, to apply for our job openings. We encourage all candidates who share a passion for growing the world’s knowledge, even those who may not strictly meet all the preferred requirements, to apply, as we know that a diverse range of perspectives can have a significant impact on our products and our culture.
Additional Information
We are accepting applications on an ongoing basis.
Quora offers a wide range of benefits including medical/dental/vision coverage, equity refreshers, remote work reimbursement, paid time off, employee assistance programs, and more. Benefits are country-specific and may vary. For more information on benefits, visit this link: www.careers.quora.com/benefits
There are many factors that will determine the starting pay, including but not limited to experience, location, education, and business needs.
- US candidates only: For US based applicants, the salary range is $147,200 – $275,750 USD + equity + benefits.
- Canada candidates only: For Canada based applicants, the salary range is $151,270 – $283,374 CAD + equity + benefits.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.